Описание
Jigsaw 2.2.1 on Windows systems allows remote attackers to use MS-DOS device names in HTTP requests to (1) cause a denial of service using the "con" device, or (2) obtain the physical path of the server using two requests to the "aux" device.
Jigsaw 2.2.1 on Windows systems allows remote attackers to use MS-DOS device names in HTTP requests to (1) cause a denial of service using the "con" device, or (2) obtain the physical path of the server using two requests to the "aux" device.
Ссылки
- https://nvd.nist.gov/vuln/detail/CVE-2002-1052
- http://archives.neohapsis.com/archives/vulnwatch/2002-q3/0028.html
- http://archives.neohapsis.com/archives/vulnwatch/2002-q3/0031.html
- http://marc.info/?l=bugtraq&m=102691753204392&w=2
- http://marc.info/?l=bugtraq&m=102692936820193&w=2
- http://www.iss.net/security_center/static/9586.php
- http://www.iss.net/security_center/static/9587.php
- http://www.securityfocus.com/bid/5251
- http://www.securityfocus.com/bid/5258
EPSS
Процентиль: 84%
0.02069
Низкий
CVE ID
Связанные уязвимости
nvd
больше 23 лет назад
Jigsaw 2.2.1 on Windows systems allows remote attackers to use MS-DOS device names in HTTP requests to (1) cause a denial of service using the "con" device, or (2) obtain the physical path of the server using two requests to the "aux" device.
EPSS
Процентиль: 84%
0.02069
Низкий